Windows

I’ve just spent a day trying to bring Windows Update back to life on my desktop after realising it hadn’t done a successful update for over a year (haven’t really used it much this past year). Over the course of the day I encountered a few issues as I tried to troubleshoot including; Stuck on checking for updates for hours (appears to be hanging or never completing), Showing error 0x80070057, WARNING: Failed to filter search results, error = 0x8024000B, Unable to check for updates etc. This might work on other versions but the below was specifically done on Windows 7 SP1 64-bit.

Below are the steps that finally appear to have fixed my setup – try this at your own risk, if you are technically comfortable with the instructions and most importantly are happy that you could restore your system if you completely break it – I’m not a Windows expert but trial and error of plenty of other solutions led me here. I’ve tried to include all references I used when trying to find something that worked at the end of this guide… there were a lot so feel free to have a look through them in-case they help your specific case.

In Start->Search Bar enter cmd, when it appears right click and select “Run as Administrator”.

Enter the following in order, if you encounter an error with any of these you may want to abort and search online for a solution to that error. If you encounter an error with stopping/starting a service you might find a restart will help.

After restart, download and run the Windows Update Diagnostic from the Microsoft websitehttps://support.microsoft.com/en-us/kb/2714434It may take a while once you’ve got it running, when I ran it there were one or two errors around downloading Windows updates – don’t worry yet we’ve still got something else to do.

Next install the following KB updates, best bet is to search on the name I list below as they appear to move (I found a few broken links when following other guides). These appear to be dependant on the updates available so while it might be accurate now, if you’re reading this later you might find you need more – I’ll explain how I picked these after.

You’re looking for the standlone Microsoft Standalone Update packages for these, filename is as above with extension .msu.

Give Windows another restart.
When it comes back up, go to Windows Services and make sure that Windows Update and Background Intelligent Transfer Service are both running and set to Automatic. Open Windows Update and select change settings on the left. If its set to Install updates automatically then change it to Never Check, click OK and close Windows Update. If its set to Install Updates Automatically then change it to Never, click OK and close, reopen and change it back to Install Updates automatically – at this point regardless of what the setting was originally, it should now say install automatically.
From the main Windows Update screen hit check for updates. If its worked as it did on mine (after trying and retrying the above in tens of different combinations) then after about 15 minutes it should come to life. If you’ve got a few years of updates waiting then it might take longer.

Now, earlier I listed some updates to download and install separately, Windows Update logs out to WindowsUpdate.log in the Windows directory (C:\Windows on a default install). In there I noticed after I’d got past a lot of the earlier errors, it was initially populating the log with loads of entries like this;

YYYY-MM-DD HH:MM:SS:Z XXX XXXX DtaStor WARNING: Attempted to add URL http://download.windowsupdate.com/d/msdownload/update/software/secu/2016/08/windows6.1-kb3178034-x64_3b1fbfd4b03deca407de34bfa622742f5e83ca71.msu for file XXXXX when file has not been previously added to the datastore

I basically dug through and searched for the last 5 or so entries, searched for them and installed them separately. I don’t know if a specific one helped or resolved a security issue but it was only after I got those and restarted that Windows Update came back to life.

Hope this helped, if it did or you found something else worked then please leave a comment!

Since I have Windows 8 Consumer preview Build 8250 (64 bit) installed on a VM I thought I would give installing Splunk a shot. I downloaded 4.3.2 64 Bit, installation was painless and once started I could add event log data as an input without issues.

No doubt there will be some things that are wonky which have been changed by Microsoft since Win7/Win2k8 but I’m sure that they will be ironed out when Windows 8 is ready for general release. Also I found that Internet Explorer Metro wouldn’t load a local web server, it just sits looking forever while if you use Internet Explorer desktop (traditional) then it will load first time! Below is a screenshot of the summary screen after configuring it to ingest a few local event logs, no problems at this point or indeed when searching.